Home CVE Database CVE-2018-12015

CVE-2018-12015

Description

In Perl through 5.26.2, the Archive::Tar module allows remote attackers to bypass a directory-traversal protection mechanism, and overwrite arbitrary files, via an archive file containing a symlink and a regular file with the same name.

Priority: MEDIUM
CVSS v3: 7.5
Publish Date: Jun 7, 2018
Related ID: --
CVSS v2: HIGH
Modified Date: Jun 12, 2018

Find out more about CVE-2018-12015 from the MITRE-CVE dictionary and NIST NVD


Products Affected

Login may be required to access defects or downloads.

Related Products

Product Name Status Defect Fixed Downloads
Linux 7 SCP Not Vulnerable -- -- --
Linux 7 CGP Not Vulnerable -- -- --

Comments

perl

Live chat
Online